package com.university.mentalhealthplatform.global.rbac.controller;

import com.university.mentalhealthplatform.global.log.manager.ManagerLogAction;
import com.university.mentalhealthplatform.global.rbac.dto.normal.RoleDTO;
import com.university.mentalhealthplatform.global.rbac.model.Role;
import com.university.mentalhealthplatform.global.debounce.Debounce;
import com.university.mentalhealthplatform.global.rbac.jwt.JwtRequestFilter;
import com.university.mentalhealthplatform.global.rbac.service.entity.RoleService;
import com.university.mentalhealthplatform.global.rbac.service.relation.UserRoleService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Map;


@RestController
@RequestMapping("/api/roles")
public class RoleController {

    @Autowired
    private UserRoleService userRoleService;

    private static final Logger logger = LoggerFactory.getLogger(JwtRequestFilter.class);
    @Autowired
    private RoleService roleService;

    // 获取所有角色信息
    @GetMapping
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:READ_ALL')")
    public ResponseEntity<List<RoleDTO>> getAllRoles() {
        try {
            List<RoleDTO> roles = roleService.getAllRoles();
            return ResponseEntity.ok(roles);
        } catch (Exception e) {
            return ResponseEntity.status(500).body(null);
        }
    }

    // 创建角色
    @PostMapping
    @ManagerLogAction(module = "角色管理", operationType = "新增", description = "添加新角色")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:CREATE')")
    public ResponseEntity<?> createRole(@RequestBody RoleDTO roleDTO) {
        try {
            Role newRole = roleService.createRole(roleDTO);
            RoleDTO newRoleDTO = RoleDTO.convertToDTO(newRole);
            return ResponseEntity.status(201).body(newRoleDTO);
        } catch (Exception e) {
            return ResponseEntity.status(500).body("角色创建失败: " + e.getMessage());
        }
    }

    // 删除角色
    @DeleteMapping("/{id}")
    @ManagerLogAction(module = "角色管理", operationType = "删除", description = "删除角色")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:DELETE')")
    public ResponseEntity<?> deleteRole(@PathVariable Long id) {
        roleService.deleteRoleById(id);
        return ResponseEntity.noContent().build();
    }

    // 批量删除角色
    @PostMapping("/delete")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:DELETE_ALL')")
    public ResponseEntity<?> deleteRoles(@RequestBody List<Long> ids) {
        try {
            ids.forEach(roleService::deleteRole);
            return ResponseEntity.noContent().build();
        } catch (Exception e) {
            return ResponseEntity.status(500).body("批量删除失败: " + e.getMessage());
        }
    }


    @PutMapping("/{id}/status")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:STATUS_UPDATE')")
    public ResponseEntity<?> updateRoleStatus(@PathVariable Long id, @RequestBody Map<String, Boolean> status) {
        try {
            roleService.updateRoleStatus(id, status.get("status"));
            return ResponseEntity.ok("角色状态更新成功");
        } catch (Exception e) {
            return ResponseEntity.status(500).body("角色状态更新失败: " + e.getMessage());
        }
    }


    // 更新角色信息
    @PutMapping("/{roleId}")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:UPDATE')")
    public ResponseEntity<?> updateRole(
            @PathVariable Long roleId,
            @RequestBody RoleDTO roleDTO) {
        try {
            roleService.updateRole(roleId, roleDTO);
            return ResponseEntity.ok("角色基本信息更新成功");
        } catch (Exception e) {
            return ResponseEntity.status(500).body("角色更新失败: " + e.getMessage());
        }
    }

    // 给角色授予菜单
    @PostMapping("/{roleId}/menus")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:MENU_ASSIGN')")
    public ResponseEntity<?> assignMenusToRole(@PathVariable Long roleId, @RequestBody List<Long> menuIds) {
        try {
            roleService.assignMenusToRole(roleId, menuIds);
            return ResponseEntity.ok("菜单授予成功");  // 200 OK
        } catch (Exception e) {
            return ResponseEntity.status(500).body("菜单授予失败: " + e.getMessage());
        }
    }

    // 给角色授予权限
    @PostMapping("/{roleId}/permissions")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:PERMISSION_ASSIGN')")
    public ResponseEntity<?> assignPermissionsToRole(@PathVariable Long roleId, @RequestBody List<Long> permissionIds) {
        try {
            roleService.assignPermissionsToRole(roleId, permissionIds);
            return ResponseEntity.ok("权限授予成功");
        } catch (Exception e) {
            return ResponseEntity.status(500).body("权限授予失败: " + e.getMessage());
        }
    }

    // 获取角色的菜单 ID 列表
    @GetMapping("/{roleId}/menus")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:MENU_ASSIGN')")
    public ResponseEntity<?> getRoleMenus(@PathVariable Long roleId) {
        try {
            List<Long> menuIds = roleService.getMenuIdsByRoleId(roleId);
            return ResponseEntity.ok(menuIds);
        } catch (Exception e) {
            return ResponseEntity.status(500).body("获取菜单失败: " + e.getMessage());
        }
    }

    // 移除角色的菜单
    @DeleteMapping("/{roleId}/menus")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:MENU_REMOVE')")
    public ResponseEntity<?> removeMenusFromRole(@PathVariable Long roleId, @RequestBody List<Long> menuIds) {
        try {
            roleService.removeMenusFromRole(roleId, menuIds);
            return ResponseEntity.noContent().build();
        } catch (Exception e) {
            return ResponseEntity.status(500).body("移除菜单失败: " + e.getMessage());
        }
    }

    // 获取角色的权限 ID 列表
    @GetMapping("/{roleId}/permissions")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:PERMISSION_ASSIGN')")
    public ResponseEntity<?> getRolePermissions(@PathVariable Long roleId) {
        try {
            List<Long> permissionIds = roleService.getPermissionIdsByRoleId(roleId);
            return ResponseEntity.ok(permissionIds);
        } catch (Exception e) {
            return ResponseEntity.status(500).body("获取权限失败: " + e.getMessage());
        }
    }

    // 移除角色的权限
    @DeleteMapping("/{roleId}/permissions")
    @Debounce
    @PreAuthorize("hasAuthority('ROLE:PERMISSION_REMOVE')")
    public ResponseEntity<?> removePermissionsFromRole(@PathVariable Long roleId, @RequestBody List<Long> permissionIds) {
        try {
            roleService.removePermissionsFromRole(roleId, permissionIds);
            return ResponseEntity.noContent().build();
        } catch (Exception e) {
            return ResponseEntity.status(500).body("移除权限失败: " + e.getMessage());
        }
    }
}
